Consolidated business service for integrating service oriented architecture services with customer resources

ABSTRACT

A Consolidated Business Service (CBS) manages an interface between Service Oriented Architecture (SOA) services and resources used by at least one enterprise customer. The CBS utilizes an Enterprise Systems Management (ESM) layer that includes: a bi-directional portal between Service Oriented Architecture (SOA) services and enterprise resources used by at least one enterprise customer; an aggregating logic for aggregating incoming and outgoing messages from the SOA services and the enterprise resources; a strategy set of rules that define pre-set responses to an event described by one or more of the incoming messages from the enterprise resources, wherein the pre-set responses are provided by a SOA response service from the SOA services; and a delegation logic for delegating the pre-set responses to agents in the affected resources, wherein the agents are software logic that have been pre-deployed, from the ESM layer to the affected resources, for executing the pre-set responses.

BACKGROUND OF THE INVENTION

1. Technical Field

The present disclosure relates in general to the field of computers, andmore particularly to the computer systems. Still more particularly, thepresent disclosure relates to Service Oriented Architecture (SOA)services utilized by computer systems.

2. Description of the Related Art

A Service Oriented Architecture (SOA) can be viewed as a computer systemarchitecture in which business processes, packaged as software services,can be created and reused by a client enterprise.

Enterprises, both commercial, non-commercial and governmental, typicallyhave different systems for auditing, controlling and directing variousInformation Technology (IT) functional units. Such IT functional unitsinclude, but are not limited to, data centers (where enterprise data isstored), call centers (where telephone and e-mail calls from customersare centrally handled by an enterprise or a third party administrator),network operations centers (where the networks which interconnect peopleand organizations are managed), security centers (for protectingcomputer networks and systems from digital attacks), auditing andcontrol operations (which manage the risk and operational health, andoversee the functionsing of an enterprise), data operations (whereenterprise data is input, processed and managed), and applicationdevelopment (from which software code is conceived, written, debuggedand deployed). Such IT functional units often utilize differentprotocols, including different operating systems, different software,different versions of software, different communication formats, etc.

Because of the disparity in system types found in the client enterprise,using SOA services is difficult, since there is little or nocoordination and/or consolidation of events found in an enterprise. Thatis, a single resource in an enterprise may be able to request aparticular SOA service, but there is no current process/system forcoordinating the needs of multiple resources, which may be fromdifferent client enterprises and/or may utilize different protocols.Thus there is a need in the art for a coordinating entity in theenterprise that provides an integrating systems management function.

SUMMARY OF THE INVENTION

A Consolidated Business Service (CBS) manages an interface betweenService Oriented Architecture (SOA) services and resources used by atleast one enterprise customer. The CBS utilizes an Enterprise SystemsManagement (ESM) layer that includes: a bi-directional portal betweenService Oriented Architecture (SOA) services and enterprise resourcesused by at least one enterprise customer; an aggregating logic foraggregating incoming and outgoing messages from the SOA services and theenterprise resources; a strategy set of rules that define pre-setresponses to an event described by one or more of the incoming messagesfrom the enterprise resources, wherein the pre-set responses areprovided by a SOA response service from the SOA services; and adelegation logic for delegating the pre-set responses to agents in theaffected resources and elements of hardware that such agents directly orindirectly control or sense operationally important status from, whereinthe agents are software logic that have been pre-deployed, from the ESMlayer to the affected resources, for executing the pre-set responses.

The above, as well as additional purposes, features, and advantages ofthe present invention will become apparent in the following detailedwritten description.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features believed characteristic of the invention are setforth in the appended claims. The invention itself, however, as well asa preferred mode of use, further purposes and advantages thereof, willbest be understood by reference to the following detailed description ofan illustrative embodiment when read in conjunction with theaccompanying drawings, where:

FIG. 1 illustrates an exemplary computer in which the present inventionmay be utilized;

FIG. 2 depicts an exemplary Consolidated Business Service (CBS) formanaging an interface between Service Oriented Architecture (SOA)services and customer resources;

FIG. 3 illustrates an alternate architecture for the CBS shown in FIG.2;

FIG. 4 depicts an exemplary use of the CBS shown in FIG. 2 and FIG. 3for handling a trouble ticket that has been generated by a SOA client;

FIG. 5 is a high-level flow chart of exemplary steps taken to provide anintegration of SOA services with client resources;

FIGS. 6A-B are flow-charts showing steps taken to deploy softwarecapable of executing the steps and processes described in FIGS. 2-5; and

FIGS. 7A-B are flow-charts showing steps taken to execute the steps andprocesses shown in FIGS. 2-5 using an on-demand service provider;

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

With reference now to FIG. 1, there is depicted a block diagram of anexemplary computer 102, in which the present invention may be utilized.Note that some or all of the exemplary architecture shown for computer102 may be utilized by software deploying server 150, as well as byService Oriented Architecture (SOA) server 202, Consolidated BusinessService (CBS) server 204, enterprise resources 206 a-n, call center 208,data center 210, help desk 212 shown in FIG. 2, and/or client computer404 shown in FIG. 4. Similarly, the architecture shown for computer 102can be utilized to support other software and processes described inFIGS. 2-7B.

Computer 102 includes a processor unit 104 that is coupled to a systembus 106. A video adapter 108, which drives/supports a display 110, isalso coupled to system bus 106. System bus 106 is coupled via a busbridge 112 to an Input/Output (I/O) bus 114. An I/O interface 116 iscoupled to I/O bus 114. I/O interface 116 affords communication withvarious I/O devices, including a keyboard 118, a mouse 120, a CompactDisk-Read Only Memory (CD-ROM) drive 122, a floppy disk drive 124, and aflash drive memory 126. The format of the ports connected to I/Ointerface 116 may be any known to those skilled in the art of computerarchitecture, including but not limited to Universal Serial Bus (USB)ports.

Computer 102 is able to communicate with a software deploying server 150via a network 128 using a network interface 130, which is coupled tosystem bus 106. Network 128 may be an external network such as theInternet, or an internal network such as an Ethernet or a VirtualPrivate Network (VPN). Note the software deploying server 150 mayutilize a same or substantially similar architecture as computer 102.

A hard drive interface 132 is also coupled to system bus 106. Hard driveinterface 132 interfaces with a hard drive 134. In a preferredembodiment, hard drive 134 populates a system memory 136, which is alsocoupled to system bus 106. System memory is defined as a lowest level ofvolatile memory in computer 102. This volatile memory includesadditional higher levels of volatile memory (not shown), including, butnot limited to, cache memory, registers and buffers. Data that populatessystem memory 136 includes computer 102's operating system (OS) 138 andapplication programs 144.

OS 138 includes a shell 140, for providing transparent user access toresources such as application programs 144. Generally, shell 140 is aprogram that provides an interpreter and an interface between the userand the operating system. More specifically, shell 140 executes commandsthat are entered into a command line user interface or from a file.Thus, shell 140 (also called a command processor) is generally thehighest level of the operating system software hierarchy and serves as acommand interpreter. The shell provides a system prompt, interpretscommands entered by keyboard, mouse, or other user input media, andsends the interpreted command(s) to the appropriate lower levels of theoperating system (e.g., a kernel 142) for processing. Note that whileshell 140 is a text-based, line-oriented user interface, the presentinvention will equally well support other user interface modes, such asgraphical, voice, gestural, etc.

As depicted, OS 138 also includes kernel 142, which includes lowerlevels of functionality for OS 138, including providing essentialservices required by other parts of OS 138 and application programs 144,including memory management, process and task management, diskmanagement, and mouse and keyboard management.

Application programs 144 include a browser 146. Browser 146 includesprogram modules and instructions enabling a World Wide Web (WWW) client(i.e., computer 102) to send and receive network messages to theInternet using HyperText Transfer Protocol (HTTP) messaging, thusenabling communication with software deploying server 150.

Application programs 144 in computer 102's system memory (as well assoftware deploying server 150's system memory) also include anConsolidated Business Service Logic (CBSL) 148. CBSL 148 includes codefor implementing the processes described in FIGS. 2-7B. In oneembodiment, computer 102 is able to download CBSL 148 from softwaredeploying server 150, including in an “on demand” basis, as described ingreater detail below in FIGS. 6A-7B.

The hardware elements depicted in computer 102 are not intended to beexhaustive, but rather are representative to highlight essentialcomponents required by the present invention. For instance, computer 102may include alternate memory storage devices such as magnetic cassettes,Digital Versatile Disks (DVDs), Bernoulli cartridges, and the like.These and other variations are intended to be within the spirit andscope of the present invention.

With reference now to FIG. 2, an exemplary overview of a ConsolidatedBusiness Service (CBS) 200 is presented. CBS 200 includes a novelsoftware layer referred to here as an Enterprise Systems Management(ESM) layer 214. ESM layer 214 is a Service Oriented Architecture (SOA)self-contained network that manages and integrates processes provided bySOA software services 216 to enterprise resources 206 a-n (where “n” isan integer). Note that enterprise resources 206 a-n may be from a sameenterprise, or they may be from different enterprises. Note also thatresources 206 a-n may utilize different protocols, including but notlimited to, different operating systems, different softwareapplications, different versions of a same software title, differentcommunication protocols (both internal as well as external), etc. Asdescribed below, ESM layer 214 provides pervasive command and controlover activities across the enterprise resources 206 a-n.

Within the ESM layer 214, which may be run on the CBS server 204 (asdepicted and managed by an ESM command center 218) or alternatively bythe SOA server 202, is a bi-directional portal 220, a strategy set ofrules 222, an aggregating logic 224, and a delegation logic 226.

Bi-directional portal 220 provides an interface for incoming andoutgoing messages between the SOA software services 216 and theenterprise resources 206 a-n. In some instances, the enterpriseresources 206 a-n utilize a format that is unintelligible to the SOAsoftware services 216. For example, one of the enterprise resources 206a-n may utilize an operating system, application program (or versionthereof), data format (voice, data, video, etc.), etc. that is notunderstood and/or supported by any of the SOA software services 216.Thus, bi-directional portal 220 may include logic for translating,preferably by using Extensible Markup Language (XML) code, incomingmessages from one or more of the enterprise resources 206 a-n into aformat that can be understood/handled/processed by one of the SOAsoftware services 216.

The incoming messages from the enterprise resources 206 a-n may be trapsof events that occur within and/or are generated by the enterpriseresources 206 a-n. These events may be anomalies or normal events, andinclude, but are not limited to, video signals (e.g., camera feeds),voice signals (e.g., telephone calls), data signals (e.g., packeted datatransmissions), Simple Mail Transfer Protocol (SMTP) alert messages(e.g., e-mail alerts warning of a problem within one or more of theenterprise resources 206 a-n), Simple Network Management Protocol (SNMP)system alerts (e.g., network-based alerts warning of a problem withinone or more of the enterprise resources 206 a-n), handheld radiotransmissions (e.g., “walkie-talkie” traffic that is locally captured bya repeater tower), and other protocols for voice data such as SNTP(Simple Network Time Protocol for data), and H.323 for voice protocolsand systems alerts directly generated by agents that directly, orthrough additional electronic or optical circuitry, sense operationalstatus and performance status, etc.

The strategy set of rules 222 manages operation of all activities withinthe ESM layer 214, and may define pre-set responses to an eventdescribed by one or more of the incoming messages from the enterpriseresources. These pre-set responses are provided by one of the SOAsoftware services 216, which may be referred to as an SOA responseservice (not separately depicted from SOA software services 216).

The aggregating logic 224 aggregates incoming messages from theenterprise resources 206 a-n in accordance with rules found in thestrategy set of rules 222. This aggregation both aggregates andde-duplicates incoming messages. For example, aggregating logic 224 may“know” that an event is significant only if it occurs more than apre-determined number of times from a previously identified one or moreresource (from the enterprise resources 206 a-n) within a predeterminedtime period. Similarly, if a same event is detected and reported bymultiple resources (from the enterprise resources 206 a-n), then theaggregating logic 224 utilizes logic (from the strategy set of rules222) that identifies these multiple reports as being for a same singleevent (e.g., multiple cameras, having different viewpoints, picking up asame object/person in their fields of view).

The delegation logic 226 delegates the pre-set responses to agents 230a-n, which are located (respectively) in the enterprise resources 206a-n. These agents 230 a-n have been pre-deployed to the enterpriseresources 206 a-n from the ESM layer 214, and may be responsible foractually allocating the pre-set response to their local enterpriseresource.

ESM layer 214 also supports at least one User Defined Operating Picture(UDOP) 228. The UDOP 228 is user-configured to permit a user to selectone or more of the enterprise resources 206 a-n for viewing alarms,activities, etc. Note that the UDOP 228 is not merely a dashboard, butrather provides the user with sufficient granularity to view specificactivities within a particular resource from the enterprise resources206 a-n. For example, the UDOP 228 may be a heat map of multiple(user-selected) resources from the enterprise resources 206 a-n. Thisheat map is a color coded representation that shows levels of activity(either nominal or anomalous) occurring in real-time within the viewedresources. If a particular resources shows unusually high activity (asrepresented by a changed in color, such as from green to yellow or red),the user can “drill down” into the resource's activities to determinethe cause of the increased activity.

With reference now to FIG. 3, an alternate perspective of thearchitecture of the CBS 200, shown in FIG. 2, is presented as CBS 300.CBS 300 includes a SOA framework 302, which includes a service bus 304and an enterprise bus 306. The service bus 304 handles business services(e.g., services for changing management of the SOA, handling alerts,managing assets of customer enterprises, handling a help desk, etc.) aswell as receiving messages (e.g., the incoming messages shown in FIG. 2)from enterprise resources. The enterprise bus 306 includes necessaryconnectors and adapters for handling messages in SOAP (originally namedas a “Simple Object Access Protocol”, now simply known as “SOAP”),XML/Hypertext Transfer Protocol (XML/HTTP), packaged connectors (e.g.,Internet Protocol/Transmission Control Protocol (IP/TCP) packets), JavaMessage Services (JMS), and other messaging protocols of the like).

The SOA framework 302 receives and transmits messages to an enterprisesystems management 308, which includes resources (e.g., enterpriseresources 206 a-n shown in FIG. 2), which may include systems for assetmanagement, making changes to the resources, configuring the resources,a service desk for supporting usage of the resources, etc.). In oneembodiment, the enterprise system management 308 is staffed/handled by aSOA service that is managed by the CBS 200 described above.

The SOA framework 302 is also able to communicate and provide enterpriseinformation views 310, which are similar to the UDOP 228 described inFIG. 2. These enterprise information views 310 are managed by a portalserver 312, and provide a display of view such as a trouble ticketportlet, definitions of security levels (e.g., the five nationalsecurity threat levels/colors defined by the U.S. Department of HomelandSecurity—DHS), network element, security element, and network circuitelement status, etc. Information that populates (and may be “drilleddown” for further analysis) such view may come from multiple portals.For example, a Department of Homeland Security (DHS) portal 314, aTransportation Safety Administration (TSA) portal 316, and anotherportal 318 may be provided by outside servers, including externalTSA/DHS portal servers 320. Such a scenario enables the example shown inFIG. 4.

Referring now to FIG. 4, assume that a user 402 is, for example, a TSAemployee who is monitoring a TSA employee portal 402 on his clientcomputer 404. A trouble ticket portlet 406 may indicate a local problem,such as a detection of radiation in a bagging screening machine (notshown). This trouble ticket portlet 406 was activated by the enterpriseinformation views 310 under the guidance of the SOA framework 302described in FIG. 3. The TSA user 402 is not alone, however, and maycontact a help desk 408 from the enterprise system management 308. Thishelp desk may provide further information and assistance, includingsimply resetting the trouble ticket portlet if the user 402 and/or anassistant at the help desk 408 determine that the trouble ticket isinsignificant.

Referring now to FIG. 5, presented are an exemplary set of steps takento integrate Service Oriented Architecture (SOA) services with resourcesat multiple enterprises, where at least one of the resources at themultiple enterprises has at least one incompatible feature that isincompatible with another resource from the multiple enterprises. Afterinitiator block 502, at least one agent is installed, by an EnterpriseSystems Management (ESM) layer, in at least one of the resources at themultiple enterprises (block 504). Note that the ESM layer is logicallyoriented between Service Oriented Architecture (SOA) services and theresources at the multiple enterprises. In response to detecting an eventat an affected resource from the resources at the multiple enterprises(query block 506), the event is ameliorated by a local agent in theaffected resource (block 508). For example, if the event is a viralattack on the resource, then the installed agent may shut down (or closea port to) the affected (infected) resource.

Trapped messages are received and aggregated in the ESM layer, whichcreates trapped aggregated messages from the trapped messages (block510). These trapped messages describe the event that occurred in theaffected resource, and may be anomalous (e.g., a virus, a lock-up, anoveruse, etc.) or nominal (e.g., normal data, video, voice traffic). Asdescribed in block 512, the ESM layer transcribes the trapped aggregatedmessage to create a transcribed trapped aggregated message. Note thatthe trapped aggregated message is initially in a first format that isunintelligible to an SOA response service that has a pre-set response tothe event, and that the transcribed trapped aggregated message is in asecond format that is intelligible to the SOA response service that hasthe pre-set response to the event.

As depicted in block 514, the transcribed trapped aggregated message isthen transmitted, from the ESM layer, to the SOA response service torequest the pre-set response. The ESM layer retrieves the pre-setresponse from the SOA response service (block 516), and delegates thepre-set response from the ESM layer to the local agent in the affectedresource (block 518). The local agent then executes the pre-set responseat the affected resource (block 520), and the process ends (terminatorblock 522).

It should be understood that at least some aspects of the presentinvention may alternatively be implemented in a computer-readable mediumthat contains a program product. Programs defining functions of thepresent invention can be delivered to a data storage system or acomputer system via a variety of tangible signal-bearing media, whichinclude, without limitation, non-writable storage media (e.g., CD-ROM),writable storage media (e.g., hard disk drive, read/write CD ROM,optical media), as well as non-tangible communication media, such ascomputer and telephone networks including Ethernet, the Internet,wireless networks, and like network systems. It should be understood,therefore, that such signal-bearing media when carrying or encodingcomputer readable instructions that direct method functions in thepresent invention, represent alternative embodiments of the presentinvention. Further, it is understood that the present invention may beimplemented by a system having means in the form of hardware, software,or a combination of software and hardware as described herein or theirequivalent.

Software Deployment

As described above, in one embodiment, the processes described by thepresent invention, including the functions of CBSL 148, are performed byservice provider server 150. Alternatively, CBSL 148 and the methoddescribed herein, and in particular as shown and described in FIGS. 2-5,can be deployed as a process software from service provider server 150to computer 102. Still more particularly, process software for themethod so described may be deployed to service provider server 150 byanother service provider server (not shown).

Referring then to FIGS. 6A-B, step 600 begins the deployment, alsocalled provisioning, of the process software. The first thing is todetermine if there are any programs that will reside on a server orservers when the process software is executed (query block 602). If thisis the case, then the servers that will contain the executables areidentified (block 604). The process software for the server or serversis transferred directly to the servers' storage via File TransferProtocol (FTP) or some other protocol or by copying though the use of ashared file system (block 606). The process software is then installedon the servers (block 608).

Next, a determination is made on whether the process software is to bedeployed by having users access the process software on a server orservers (query block 610). If the users are to access the processsoftware on servers, then the server addresses that will store theprocess software are identified (block 612).

A determination is made if a proxy server is to be built (query block614) to store the process software. A proxy server is a server that sitsbetween a client application, such as a Web browser, and a real server.It intercepts all requests to the real server to see if it can fulfillthe requests itself. If not, it forwards the request to the real server.The two primary benefits of a proxy server are to improve performanceand to filter requests. If a proxy server is required, then the proxyserver is installed (block 616). The process software is sent to theservers either via a protocol such as FTP or it is copied directly fromthe source files to the server files via file sharing (block 618).Another embodiment would be to send a transaction to the servers thatcontained the process software and have the server process thetransaction, then receive and copy the process software to the server'sfile system. Once the process software is stored at the servers, theusers, via their client computers, then access the process software onthe servers and copy to their client computers file systems (block 620).Another embodiment is to have the servers automatically copy the processsoftware to each client and then run the installation program for theprocess software at each client computer. The user executes the programthat installs the process software on his client computer (block 622)then exits the process (terminator block 624).

In query step 626, a determination is made whether the process softwareis to be deployed by sending the process software to users via e-mail.The set of users where the process software will be deployed areidentified together with the addresses of the user client computers(block 628). The process software is sent via e-mail to each of theusers' client computers (block 630). The users then receive the e-mail(block 632) and then detach the process software from the e-mail to adirectory on their client computers (block 634). The user executes theprogram that installs the process software on his client computer (block622) then exits the process (terminator block 624).

Lastly a determination is made as to whether the process software willbe sent directly to user directories on their client computers (queryblock 636). If so, the user directories are identified (block 638). Theprocess software is transferred directly to the user's client computerdirectory (block 640). This can be done in several ways such as but notlimited to sharing of the file system directories and then copying fromthe sender's file system to the recipient user's file system oralternatively using a transfer protocol such as File Transfer Protocol(FTP). The users, or software that automates the installation of thethen transferred software, access the directories on their client filesystems in preparation for installing the process software (block 642).The user or the installation automation software then executes theprogram that installs the process software on his client computer (block622) and then exits the process (terminator block 624).

VPN Deployment

The present software can be deployed to third parties as part of aservice wherein a third party VPN service is offered as a securedeployment vehicle or wherein a VPN is build on-demand as required for aspecific deployment.

A virtual private network (VPN) is any combination of technologies thatcan be used to secure a connection through an otherwise unsecured oruntrusted network. VPNs improve security and reduce operational costs.The VPN makes use of a public network, usually the Internet, to connectremote sites or users together. Instead of using a dedicated, real-worldconnection such as leased line, the VPN uses “virtual” connectionsrouted through the Internet from the company's private network to theremote site or employee. Access to the software via a VPN can beprovided as a service by specifically constructing the VPN for purposesof delivery or execution of the process software (i.e. the softwareresides elsewhere) wherein the lifetime of the VPN is limited to a givenperiod of time or a given number of deployments based on an amount paid.

The process software may be deployed, accessed and executed througheither a remote-access or a site-to-site VPN. When using theremote-access VPNs the process software is deployed, accessed andexecuted via the secure, encrypted connections between a company'sprivate network and remote users through a third-party service provider.The enterprise service provider (ESP) sets a network access server (NAS)and provides the remote users with desktop client software for theircomputers. The telecommuters can then dial a toll-free number or attachdirectly via a cable or DSL modem to reach the NAS and use their VPNclient software to access the corporate network and to access, downloadand execute the process software.

When using the site-to-site VPN, the process software is deployed,accessed and executed through the use of dedicated equipment andlarge-scale encryption that are used to connect a company's multiplefixed sites over a public network such as the Internet.

The process software is transported over the VPN via tunneling which isthe process of placing an entire packet within another packet andsending it over a network. The protocol of the outer packet isunderstood by the network and both points, called tunnel interfaces,where the packet enters and exits the network.

Software Integration

The process software which consists of code for implementing the processdescribed herein may be integrated into a client, server and networkenvironment by providing for the process software to coexist withapplications, operating systems and network operating systems softwareand then installing the process software on the clients and servers inthe environment where the process software will function.

The first step is to identify any software on the clients and servers,including the network operating system where the process software willbe deployed, that are required by the process software or that work inconjunction with the process software. This includes the networkoperating system that is software that enhances a basic operating systemby adding networking features.

Next, the software applications and version numbers will be identifiedand compared to the list of software applications and version numbersthat have been tested to work with the process software. Those softwareapplications that are missing or that do not match the correct versionwill be upgraded with the correct version numbers. Program instructionsthat pass parameters from the process software to the softwareapplications will be checked to ensure the parameter lists match theparameter lists required by the process software. Conversely parameterspassed by the software applications to the process software will bechecked to ensure the parameters match the parameters required by theprocess software. The client and server operating systems including thenetwork operating systems will be identified and compared to the list ofoperating systems, version numbers and network software that have beentested to work with the process software. Those operating systems,version numbers and network software that do not match the list oftested operating systems and version numbers will be upgraded on theclients and servers to the required level.

After ensuring that the software, where the process software is to bedeployed, is at the correct version level that has been tested to workwith the process software, the integration is completed by installingthe process software on the clients and servers.

On Demand

The process software is shared, simultaneously serving multiplecustomers in a flexible, automated fashion. It is standardized,requiring little customization and it is scalable, providing capacity ondemand in a pay-as-you-go model.

The process software can be stored on a shared file system accessiblefrom one or more servers. The process software is executed viatransactions that contain data and server processing requests that useCPU units on the accessed server. CPU units are units of time such asminutes, seconds, hours on the central processor of the server.Additionally the accessed server may make requests of other servers thatrequire CPU units. CPU units describe an example that represents but onemeasurement of use. Other measurements of use include but are notlimited to network bandwidth, memory utilization, storage utilization,packet transfers, complete transactions etc.

When multiple customers use the same process software application, theirtransactions are differentiated by the parameters included in thetransactions that identify the unique customer and the type of servicefor that customer. All of the CPU units and other measurements of usethat are used for the services for each customer are recorded. When thenumber of transactions to any one server reaches a number that begins toaffect the performance of that server, other servers are accessed toincrease the capacity and to share the workload. Likewise when othermeasurements of use such as network bandwidth, memory utilization,storage utilization, etc. approach a capacity so as to affectperformance, additional network bandwidth, memory utilization, storageetc. are added to share the workload.

The measurements of use used for each service and customer are sent to acollecting server that sums the measurements of use for each customerfor each service that was processed anywhere in the network of serversthat provide the shared execution of the process software. The summedmeasurements of use units are periodically multiplied by unit costs andthe resulting total process software application service costs arealternatively sent to the customer and/or indicated on a web siteaccessed by the customer which then remits payment to the serviceprovider.

In another embodiment, the service provider requests payment directlyfrom a customer account at a banking or financial institution.

In another embodiment, if the service provider is also a customer of thecustomer that uses the process software application, the payment owed tothe service provider is reconciled to the payment owed by the serviceprovider to minimize the transfer of payments.

With reference now to FIGS. 7A-B, initiator block 702 begins the OnDemand process. A transaction is created than contains the uniquecustomer identification, the requested service type and any serviceparameters that further, specify the type of service (block 704). Thetransaction is then sent to the main server (block 706). In an On Demandenvironment the main server can initially be the only server, then ascapacity is consumed other servers are added to the On Demandenvironment.

The server central processing unit (CPU) capacities in the On Demandenvironment are queried (block 708). The CPU requirement of thetransaction is estimated, then the server's available CPU capacity inthe On Demand environment are compared to the transaction CPUrequirement to see if there is sufficient CPU available capacity in anyserver to process the transaction (query block 710). If there is notsufficient server CPU available capacity, then additional server CPUcapacity is allocated to process the transaction (block 712). If therewas already sufficient available CPU capacity then the transaction issent to a selected server (block 714).

Before executing the transaction, a check is made of the remaining OnDemand environment to determine if the environment has sufficientavailable capacity for processing the transaction. This environmentcapacity consists of such things as but not limited to networkbandwidth, processor memory, storage etc. (block 716). If there is notsufficient available capacity, then capacity will be added to the OnDemand environment (block 718). Next the required software to processthe transaction is accessed, loaded into memory, then the transaction isexecuted (block 720).

The usage measurements are recorded (block 722). The utilizationmeasurements consist of the portions of those functions in the On Demandenvironment that are used to process the transaction. The usage of suchfunctions as, but not limited to, network bandwidth, processor memory,storage and CPU cycles are what is recorded. The usage measurements aresummed, multiplied by unit costs and then recorded as a charge to therequesting customer (block 724).

If the customer has requested that the On Demand costs be posted to aweb site (query block 726), then they are posted (block 728). If thecustomer has requested that the On Demand costs be sent via e-mail to acustomer address (query block 730), then these costs are sent to thecustomer (block 732). If the customer has requested that the On Demandcosts be paid directly from a customer account (query block 734), thenpayment is received directly from the customer account (block 736). TheOn Demand process is then exited at terminator block 738.

While the present invention has been particularly shown and describedwith reference to a preferred embodiment, it will be understood by thoseskilled in the art that various changes in form and detail may be madetherein without departing from the spirit and scope of the invention.For example, while the present description has been directed to apreferred embodiment in which custom software applications aredeveloped, the invention disclosed herein is equally applicable to thedevelopment and modification of application software. Furthermore, asused in the specification and the appended claims, the term “computer”or “system” or “computer system” or “computing device” includes any dataprocessing system including, but not limited to, personal computers,servers, workstations, network computers, main frame computers, routers,switches, Personal Digital Assistants (PDA's), telephones, and any othersystem capable of processing, transmitting, receiving, capturing and/orstoring data.

1. A Consolidated Business Service (CBS) for managing an interfacebetween Service Oriented Architecture (SOA) services and resources usedby at least one enterprise customer, the CBS comprising an EnterpriseSystems Management (ESM) layer that comprises: a bi-directional portalbetween Service Oriented Architecture (SOA) services and enterpriseresources used by at least one enterprise customer; an aggregating logicfor aggregating incoming and outgoing messages from the SOA services andthe enterprise resources; a strategy set of policies and derived rulesthat define pre-set responses to an event described by one or more ofthe incoming messages from the enterprise resources, wherein the pre-setresponses are provided by a SOA response service from the SOA services;and a delegation logic for delegating the pre-set responses to agents inthe affected resources, wherein the agents are software logic that havebeen pre-deployed, from the ESM layer to the affected resources, forexecuting the pre-set responses.
 2. The CBS of claim 1, wherein at leastone of the enterprise resources initially utilizes a protocol that isunintelligible to the SOA services, wherein the wherein the incoming andoutgoing messages are modified by the bi-directional portal usingExtensible Markup Language (XML) code, and wherein the XML code modifiesthe incoming and outgoing messages in a manner that permits the SOAservices and the enterprise resources to communicate with each other viathe ESM layer.
 3. The CBS of claim 1, wherein the incoming messages fromthe enterprise resources are traps of a combination of video signals,voice signals, data signals, Simple Mail Transfer Protocol (SMTP) alertmessages that describe faults in one or more of the enterpriseresources, Simple Network Management Protocol (SNMP) system alert e-mailmessages that describe faults in one or more of the enterpriseresources, device fault alerts that were sent using combined data andvoice device messaging protocols, and handheld radio transmissions. 4.The CBS of claim 1, wherein the incoming messages from the enterpriseresources are traps of video signals generated by the enterpriseresources.
 5. The CBS of claim 1, wherein the incoming messages from theenterprise resources are traps of voice telephone signals generated bythe enterprise resources.
 6. The CBS of claim 1, wherein the incomingmessages from the enterprise resources are traps of data signals from acomputer from the enterprise resources.
 7. The CBS of claim 1, whereinthe incoming messages from the enterprise resources are traps of SimpleMail Transfer Protocol (SMTP) system alert e-mail messages that describeerrors in the enterprise resources.
 8. The CBS of claim 1, wherein theincoming messages from the enterprise resources are traps of device,agent, SOA services, application, enterprise service bus, utility, localand remote services, security system and alert messages that describeerrors in the enterprise resources.
 9. The CBS of claim 1, wherein theincoming messages from the enterprise resources are traps of handheldradio transmissions from the enterprise resources.
 10. The CBS of claim1, wherein the EMS layer further comprises a User Defined OperatingPicture (UDOP), wherein the UDOP is user-configured to permit a user toselect one of the enterprise resources as a selected resource, whereinthe UDOP permits the user to view alarm data for the selected resource,wherein the alarm data describes a cause of an anomaly in the selectedresource.
 11. The CBS of claim 10, wherein the UDOP displays a heat mapthat describes an anomaly frequency of the anomaly in the selectedresource.
 12. The CBS of claim 1, wherein the aggregating logicidentifies and consolidates redundant messages that describe a sameevent, and wherein the redundant messages are generated by differentresources from the enterprise resources.
 13. A computer-implementedmethod for integrating Service Oriented Architecture (SOA) services withresources at multiple enterprises, wherein at least one of the resourcesat the multiple enterprises has at least one incompatible feature thatis incompatible with another resource from the multiple enterprises, thecomputer-implemented method comprising: installing, by an EnterpriseSystems Management (ESM) layer, at least one agent in at least one ofthe resources at the multiple enterprises, wherein the ESM layer islogically oriented between Service Oriented Architecture (SOA) servicesand the resources at the multiple enterprises: in response to detectingan event at an affected resource from the resources at the multipleenterprises, ameliorating the event by a local agent in the affectedresource; receiving and aggregating, at the ESM layer, trapped messagesfrom the affected resource that describes the event to create a trappedaggregated message; transcribing, at the ESM layer, the trappedaggregated message to create a transcribed trapped aggregated message,wherein the trapped aggregated message is in a first format that isunintelligible to an SOA response service that has a pre-set response tothe event, and wherein the transcribed trapped aggregated message is ina second format that is intelligible to the SOA response service thathas the pre-set response to the event; transmitting the transcribedtrapped aggregated message to the SOA response service to request thepre-set response; retrieving, by the ESM layer, the pre-set responsefrom the SOA response service; delegating the pre-set response from theESM layer to the local agent in the affected resource; and executing thepre-set response at the affected resource.
 14. The computer executablemethod of claim 13, wherein the trapped messages describe radiotransmissions from held-held radios, wherein the hand-held radios arefrom the enterprise resources.
 15. The computer executable method ofclaim 13, further comprising: displaying information from the trappedmessages on a User Defined Operating Picture (UDOP), wherein the UDOP isuser-configured to permit a user to select one of the enterpriseresources as a selected resource, wherein the UDOP permits the user toview alarm data for the selected resource, wherein the alarm datadescribes a cause of an anomaly in the selected resource.
 16. Acomputer-readable medium encoded with a computer program, the computerprogram comprising computer executable instructions configured for:installing, by an Enterprise Systems Management (ESM) layer, at leastone agent in at least one of the resources at the multiple enterprises,wherein the ESM layer is logically oriented between Service OrientedArchitecture (SOA) services and the resources at the multipleenterprises: in response to detecting an event at an affected resourcefrom the resources at the multiple enterprises, ameliorating the eventby a local agent in the affected resource; receiving and aggregating, atthe ESM layer, trapped messages from the affected resource thatdescribes the event to create a trapped aggregated message;transcribing, at the ESM layer, the trapped aggregated message to createa transcribed trapped aggregated message, wherein the trapped aggregatedmessage is in a first format that is unintelligible to an SOA responseservice that has a pre-set response to the event, and wherein thetranscribed trapped aggregated message is in a second format that isintelligible to the SOA response service that has the pre-set responseto the event; transmitting the transcribed trapped aggregated message tothe SOA response service to request the pre-set response; retrieving, bythe ESM layer, the pre-set response from the SOA response service;delegating the pre-set response from the ESM layer to the local agent inthe affected resource; translating the pre-set response into a protocolneeded to initiate the pre-set response in an electronic elementaddressed by the pre-set response, and executing the pre-set response atthe affected resource.
 17. The computer-readable medium of claim 16,wherein the trapped messages describe multiple depictions of a sameevent captured by multiple cameras from the enterprise resources, andwherein the trapped aggregated message describes the same event as asingle event.
 18. The computer-readable medium of claim 16, wherein thecomputer executable instructions are further configured for: displayinginformation from the trapped messages on a User Defined OperatingPicture (UDOP), wherein the UDOP is user-configured to permit a user toselect one of the enterprise resources as a selected resource, whereinthe UDOP permits the user to view alarm data for the selected resource,wherein the alarm data describes a cause of an anomaly in the selectedresource.
 19. The computer-readable medium of claim 16, wherein thecomputer-readable medium is a component of a remote server, and whereinthe computer executable instructions are deployable to a supervisorycomputer from the remote server.
 20. The computer-readable medium ofclaim 16, wherein the computer executable instructions are capable ofbeing provided by a service provider to a customer on an on-demandbasis.